formbook | 2fa39cb84b99f5116346143568cc2f598b27916a624bbce5c85aaa8efc8eca0f

General

Target

JaffaCakes118_2fa39cb84b99f5116346143568cc2f598b27916a624bbce5c85aaa8efc8eca0f
Size

188KB
Sample

241229-parlws1nak
MD5

9c15853342787d9d49be8971e65572a1
SHA1

f5a674e702db82bb60e9695b1f0f76fd0540fbdb
SHA256

2fa39cb84b99f5116346143568cc2f598b27916a624bbce5c85aaa8efc8eca0f
SHA512

dcb17415b5f133502db353d7b9497ef817ea773e9ddbea74a2bb153e887521a4647afa8881c56b4a43cebd1f2285e227f9c199843457b93c5d1090bc0dea7f0e
SSDEEP

3072:dlJeJOk9wDxMWns3JdQ9zyaZ5DxHdnc1C9MdhP7ejrlVbj:59iJOoI5DxHdc49O7e7bj

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

t01w

Decoy

yeluzishiyanshi.com

thehardtech.xyz

arrowheadk8.site

zaulkunutila.xyz

lookastro.net

congregorecruitment.co.uk

darcyboo.uk

collettesbet.net

ltgpd.com

hiddenapphq.net

haxtrl.online

esenbook.com

jxzyyx.com

ulvabuyout.xyz

instashop.life

vazra.top

ewdvatcuce4.top

zhishi68.com

fabricsandfashion.com

hootcaster.com

Targets

- Target
  
  JaffaCakes118_2fa39cb84b99f5116346143568cc2f598b27916a624bbce5c85aaa8efc8eca0f
- Size
  
  188KB
- MD5
  
  9c15853342787d9d49be8971e65572a1
- SHA1
  
  f5a674e702db82bb60e9695b1f0f76fd0540fbdb
- SHA256
  
  2fa39cb84b99f5116346143568cc2f598b27916a624bbce5c85aaa8efc8eca0f
- SHA512
  
  dcb17415b5f133502db353d7b9497ef817ea773e9ddbea74a2bb153e887521a4647afa8881c56b4a43cebd1f2285e227f9c199843457b93c5d1090bc0dea7f0e
- SSDEEP
  
  3072:dlJeJOk9wDxMWns3JdQ9zyaZ5DxHdnc1C9MdhP7ejrlVbj:59iJOoI5DxHdc49O7e7bj
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2